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~ The MAILING DATE of this communication appears on the cover sheet with the correspondence address- 
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REASONS FOR ALLOWANCE 

1 . Claims 37-72 are allowed. 

2. The following is an examiner's statement of reasons for allowance: 

In interpreting the currently allowed claims, in light of the specification, the 
Examiner finds the claimed invention to be patentably distinct from the prior art of 
record. 

Black et al. (United States Patent Application Publication No. US 
2002/0116485 A1), hereinafter "Black", discloses providing out-of-band management 
channels between network/element management system (NMS) clients and servers, for 
improving management and network availability (See Black, Abstract). Black 

discloses Template Driven Service Provisioning, whereby templates may be originated 
in Operations Support Services (OSS) clients and relayed to and received in NMS 
servers. Instead of using a GUI to interactively provision services on one network 
device in real time, a user may provision services on one or more network devices in 
one or more networks controlled by one or more network management systems (NMSs) 
interactively and non-interactively using an OSS client and templates (See Black, FIG. 
3b and 3h-3i combined, paragraphs [0408]-[0416]). Black further discloses a flexible 
naming procedure is used to derive and identify objects with which processes need to 
communicate with. The name server process allows high level processes to register 
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information about the objects within them and to subscribe for information about the 
objects with which they need to communicate. The flexible naming procedure is used in 
processes such as applications and device drivers, instead of hard coding names, and 
utilizes tables in a configuration database to derive the names of other configurable 
objects with which they need to communicate (See Black, FIG. 1, paragraph [0442]). 

Barker et al. (United States Patent No. US 6,363,421 B2), hereinafter 
"Barker", discloses remotely managing a plurality of network elements of a 
telecommunications network through a special communication link including a computer 
internet such as a LAN, the world wide web or the Internet. A management computer is 
connected to an element management system server through a communication link 
including the computer internet, and at least one of the plurality of network elements is 
additionally coupled to the element management system server through the computer 
internet and is managed via communications conveyed through the element 
management system server between the management computer and the at least one 
network element (See Barker, Abstract). Specifically, Barker discloses that an 
interface of an element management system server 32 receives management 
commands from a client 28 of a management computer 26, for the management of an 
application processor 80/network element 14 (See Barker, FIG. 1A-1C, and FIG. 2-4 
combined, col. 1, line 25-col. 2, line 33). Barker additionally discloses that upon 
startup, the client application registers with the server by providing identification of the 
client host, port, client, and a password. The server retrieves the client record from 
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local data services and returns a session object to the client noting the client's access 
permissions. The information is used to provide a level of access control in the client 
application (e.g. deactivating menu element management system for maintenance 
operations that are not allowed). All client requests are validated at the server (Barker, 
col. 30, lines 45-63). Barker further discloses that a management information base 
(MIB) stores object attributes related to a registered management computer 
26/application processor 80. Client applications utilize the EMAPI 55 to access service 
objects on the server which provide access to attributes of the managed objects, 
provide maintenance operations for those managed objects, and allow the client to 
register for notifications of attribute changes and event notifications) (See Barker, FIG. 
3 and FIG. 4 combined, col. 7, lines 45-63, col. 10, line 50-col. 11, line 60). 

Tindal et al. (United States Patent Application Publication No. US 
2002/0069274 A1), hereinafter "Tindal", discloses a method and apparatus to 
configure, monitor, and manage network devices without regard for device type and/or 
manufacturer (See Tindal, Abstract). Tindal discloses that once a configuration record 
has been changed, a network manager unit can use the fields of the modified 
configuration record to generate actual device-specific commands needed to configure 
a selected network device. Tindal discloses that the fields in a given configuration 
record can be used to populate variable fields in a device-specific code template. As a 
result, a network administrator is not required to know or create the actual device- 
specific commands that are required to configure the selected network device, but 
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rather only needs to know the general objective such as "enable router". The network 
manager unit will transform this general objective into the actual device-specific 
commands (See Tindal, FIG. 2, paragraphs [0013], and [0027]-[0029]). 

Prithviraj et al. (United States Patent No. 5,987,513), hereinafter "Prithviraj", 

discloses a network management system enabling a user to manage a network using 
browsers available on remote computer systems. A designer provides a page 
specification document identifying information elements of interest and corresponding 
explanatory labels. The page specification document is translated into a plurality of 
hypertext documents, and allows the designer to logically group the information 
elements of interest, thereby automatically defining the sequence in which the hypertext 
documents are accessed from other hypertext documents by actuating hypertext links in 
the other hypertext documents (See Prithviraj, Abstract). In addition, Prithviraj 
discloses all the hypertext documents are stored in a central network management 
station (NMS). The user accesses the documents from a remote or local computer 
system using a browser. To view the status of a subject network element, the user 
actuates the appropriate hypertext links. Such actuation specifies a desired template. 
The user also specifies an identifier (e.g., a unique Internet Protocol Address) of a 
subject network element from which to retrieve data dynamically and display using the 
template (See Prithviraj, col. 3, lines 49-57). Prithviraj further discloses in col. 19, 
lines 24-37, with respect to FIG. 6, a core software module, known as Cybercore 650 at 
the heart of a Network management station (NMS) 101 implementing network 
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management functions employed to manage the networks. Such functions include 
coordinating and controlling the operation of other components in NMS 1 01 , and 
performing many other traditional web server functions (See Prithviraj, FIG. 6, col. 19, 
lines 24-37). In addition, Prithviraj discloses, with reference to FIG. 1 1 , the manner in 
which Cybercore 650 enables a user to dynamically retrieve data from the network. In 
step 1110, Cybercore 650 receives the URL of a desired template and an identifier for 
the network element from which to retrieve the data dynamically. The URL of the 
desired template is generated automatically as the user actuates the appropriate 
hyperlinks (See Prithviraj, FIG. 11, col. 20, lines 13-20). 

However, the prior art of records, individually or in combination, fail to explicitly 
teach or render obvious a hardware-containing apparatus for mediating in management 
orders between a plurality of origin managing devices and a plurality of managed 
devices in a telecommunications system, the management orders intended to execute 
management operations over the managed devices, comprising: 

a communication receiver component arranged to receive a management order 
from one of the origin managing devices; 

a management verifier component arranged to determine whether the received 
management order is an allowed management order by checking whether content of the 
received management order fits access attributes comprised in a first management 
access template in relationship with an identifier of the origin managing device, a 
second management access template in relationship with an identifier of a managed 
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data object affected by the management order, and a third management access 
template in relationship with an identifier of a managed device affected by the 
management order; 

a communication sender component arranged to send an allowed management 
order to a managed device; and 

the hardware-containing apparatus is interposed between the plurality of origin 
managing devices and the plurality of managed devices so as to receive management 
orders from the plurality of origin managing devices and issue allowed management 
orders to the plurality of managed devices, as set forth in independent claim 37. 

Likewise, the prior art of records, individually or in combination, fail to explicitly 
teach or render obvious in a telecommunications system, a method implemented by a 
hardware-containing apparatus for mediating in the management of a plurality of 
managed devices from a plurality of origin managing devices, comprising the steps of: 

receiving a management order from one of the origin managing devices in the 
managed device; 

executing a management operation requested by the management order in the 
managed device; 

the step of receiving a management order comprising the further steps of: 
receiving a management order in a centralized management mediator; 
determining whether the received management order is an allowed management 
order by checking in the centralized management mediator whether content of the 
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received management order fits access attributes comprised in a first management 
access template in relationship with an identifier of the origin managing device, a 
second management access template in relationship with an identifier of a managed 
data object affected by the management order, and a third management access 
template in relationship with an identifier of a managed device affected by the 
management order; 

granting the management order to be sent to a managed device if it is an allowed 
management order; and 

the hardware-containing apparatus is interposed between the plurality of origin 
managing devices and the plurality of managed devices so as to receive management 
orders from the plurality of origin managing devices and issue allowed management 
orders to the plurality of managed devices, as set forth in independent claim 51 . 

Furthermore, the prior art of records, individually or in combination, fail to 
explicitly teach or render obvious a computer program stored on a non-transitory data 
storage in a computer-based apparatus for mediating management orders between a 
plurality of origin managing devices and a plurality of managed devices in a 
telecommunications system, the management orders intended to execute management 
operations over the managed devices, comprising: 

a computer-readable program having code adapted to cause a computer-based 
apparatus to process the reception of a management order from one of the origin 
managing devices; 
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the computer-readable program having code adapted to cause the computer- 
based apparatus to determine whether a received management order is an allowed 
management order by checking whether content of the received management order fits 
access attributes comprised in a first management access template in relationship with 
an identifier of the origin managing device, a second management access template in 
relationship with an identifier of a managed data object affected by the management 
order, and a third management access template in relationship with an identifier of a 
managed device affected by the management order, 

the computer-readable program having code adapted to cause the computer- 
based apparatus to send an allowed management order to a managed device; and 

the computer-based apparatus is interposed between the plurality of origin 
managing devices and the plurality of managed devices so as to receive management 
orders from the plurality of origin managing devices and issue allowed management 
orders to the plurality of managed devices, as set forth in independent claim 62. 

The examiner finds the combination of prior art of records fail to disclose the 
features of the invention including 

a communication receiver component arranged to receive a management 
order from one of the origin managing devices; 

a management verifier component arranged to determine whether the 
received management order is an allowed management order by checking 
whether content of the received management order fits access attributes 
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comprised in a first management access template in relationship with an 
identifier of the origin managing device, a second management access template 
in relationship with an identifier of a managed data object affected by the 
management order, and a third management access template in relationship with 
an identifier of a managed device affected by the management order; 

a communication sender component arranged to send an allowed 
management order to a managed device, as set forth in the independent claims. 

Dependent claims 38-50, 52-61 , and 63-72 further limit the allowed independent 
claims 37, 51 , and 62; therefore, they are also allowed. 

3. Any comments considered necessary by applicant must be submitted no later 
than the payment of the issue fee and, to avoid processing delays, should preferably 
accompany the issue fee. Such submissions should be clearly labeled "Comments on 
Statement of Reasons for Allowance." 

4. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Kostas Katsikis whose telephone number is (571)270- 
5434. The examiner can normally be reached on Monday - Friday. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Wing Chan can be reached on (571)272-7493. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
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